Multiple Arbitrary Code Execution Vulnerability in Foxit PDF Reader Affected 9.0.1.1049 and Earlier Versions
Multiple vulnerabilities reported in the Foxit PDF reader allows an attacker to execute the arbitrary code on the user’s system and …
Browsing: Vulnerability
LinkedIn patches serious leak in its AutoFill plugin
LinkedIn has plugged a flaw in its AutoFill button that would have allowed a malicious website to harvest basic account data from your …
ASUS infosvr Authentication Bypass Command Execution
Topic: ASUS infosvr Authentication Bypass Command Execution …
iOS Trustjacking -Dangerous iOS Vulnerability to Hack iPhones & Gain Complete Control Remotely by Attackers
New Vulnerability called “iOS Trustjacking” discovered in the iOS device that allows an attacker to control the Vulnerable device …
NSA reveals how it beats 0-days
In the ongoing cat-and-mouse game between nation states and attackers, anyone with something to protect has less time than ever to shore up …
Researchers Discover Second rTorrent Vulnerability Campaign
F5 threat researchers have discovered a second campaign targeting an earlier rTorrent configuration error, this time to disguise threat …
48 million people put at risk after firm that scraped info from social networks left it exposed for anyone to download
Chances are that you’ve never heard of Washington-based data firm LocalBlox. But that doesn’t mean that they haven’t heard of …
Cisco plugs critical hole in WebEx, users urged to upgrade ASAP
Cisco has fixed a critical vulnerability in its WebEx videoconferencing software that could be exploited to compromise meeting attendees’ …
#RSAC: The Impact of Industrial IoT Exploits
Speaking at RSA 2018 in San Francisco Ed Cabrera, chief cybersecurity officer at Trend Micro, examined the attack surface of smart …
A flaw could allow easy hack of LG Network-attached storage devices
The flaw ties the improper validation of the “password” parameter of the user login page for remote management, this means that a …
Vulnerabilities Abound in Popular Android Apps: Report
About 20 percent of the most popular Android Apps available through the Google Play Store contain open source components with known …
Critical Unpatched RCE Flaw Disclosed in LG Network Storage Devices
If you have installed a network-attached storage device manufactured by LG Electronics, you should take it down immediately, read this …
Facebook Graph Metadata Crosswalk Mapping Proof Of Concept
#!/usr/bin/perl # # Facebook ‘Graph’ metadata crosswalk mapping (PoC) # # 2018 Todor Donev
Microsoft Windows nt!NtQueryInformationProcess (ProcessImageFileName) Kernel 64-bit Pool/Stack Memory Disclosure
/* We have discovered that the nt!NtQueryInformationProcess system call invoked with the ProcessImageFileName (0x1B) information class …
US, UK, and Australian governments accuse Russia of targeting networking infrastructure
Government departments and private businesses are being targeted in internet attacks orchestrated by the Russian government, exploiting …
DotNetNuke 7.2.8 CATALooKStore Cross Site Scripting
DotNetNuke versions 7.2.8 and below suffers from a cross site scripting vulnerability in …
Traditional firewalls fall short in protecting organizations, says survey
Even with a firewall in place, nearly a quarter of IT managers don’t know what’s going on with 70% of their network traffic. That’s …
Despite Decline in Use of Adobe Flash, Vulnerabilities Will Continue to Cause Concern
This post was researched and written with the assistance of Tim Hux, Abhishek Karnik, Asheer Malhotra, and Steve Povolny McAfee Advanced …
Hackers attack Casino’s fish tank thermometer to obtain sensitive data
As per the CEO of Darktrace, a cybersecurity firm, Nicole Eagan a casino recently got attacked by hackers only because of a vulnerable …
Over 65,000 Vulnerable Routers Abused by Multi-purpose Proxy Botnet
Attackers abuse the Universal Plug and Play (UPnP) protocol that comes with routers and uses the devices to create a powerful proxy network …
Four SSH Vulnerabilities You Should Not Ignore
The Secure Shell (SSH) protocol was created in 1995 by a researcher from the University of Helsinki after a password-sniffing attack. SSH …
Hackers Have Started Exploiting Drupal RCE Exploit Released Yesterday
Hackers have started exploiting a recently disclosed critical vulnerability in Drupal shortly after the public release of working exploit …
Power Line Vulnerability Closes Air Gap
Security professionals love to talk about the “air gap” as the ultimate in safety for a …
Thousands of compromised websites spreading malware via fake updates
Malicious hackers have been exploiting thousands of legitimate websites since at least December 2017 in a sophisticated campaign that has …
Microsoft Outlook bug expose Windows credentials to hackers
It was also discovered that OLE-SMB scenario leaks more than the user’s IP address. When the RTF email is previewed, the computer …
Hackers can takeover & control emergency alarm system with a $35 radio
Some of the major customers of ATI Systems include the City of San Francisco, One World Trade Center, UMass Amherst, the West Point …
How Attackers Can Exploit rTorrent with Monero Cryptocurrency Miner
rTorrent is a Unix-based torrent client that is implemented in C++. rTorrent optionally supports XML-RPC to allow control by other external …
Update now! Microsoft’s April 2018 Patch Tuesday – 65 vulns, 24 critical
With the Windows 10 1803 Spring Creators Update delayed at the eleventh hour for unknown reasons, admins and end users will still receive …
Update now! Microsoft April Patch Tuesday – 65 vulns, 24 critical
With the Windows 10 1803 Spring Creators Update delayed at the eleventh hour for unknown reasons, admins and end users will still receive …
Flaw in Microsoft Outlook Lets Hackers Easily Steal Your Windows Password
A security researcher has disclosed details of an important vulnerability in Microsoft Outlook for which the company released an incomplete …